After another record-setting year for cybercrime, security professionals are in line for a well-deserved raise, according to recent research.

The “Robert Walters Salary Survey 2018” predicted that salaries for cybersecurity jobs around the world will rise by 7 percent in 2018. In addition, the recruitment firm estimated that all IT roles will see an average increase of 2 percent in salary.

Firms like Wilmington’s The Fun Dept. have been saying that happy employees equal more profitable companies for years. Now, according to a report by the University of Delaware’s John D’Arcy, it appears that the crabbier the employees, the less secure their computing behavior.

An Iranian cyber espionage group known as Charming Kitten is believed to be behind a campaign targeting academic researchers, human rights activists, media outlets and political advisors focusing on Iran, according to a report published earlier this week by Israel-based threat intelligence company ClearSky Cyber Security. The group has also set up a news outlet […]

After eight months of maintaining his innocence in a massive data breach at Yahoo, Karim Baratov now feels he is doing the right thing by pleading guilty to charges stemming from his role as a hacker, his lawyer says.

Baratov, who is from Hamilton, is scheduled for sentencing in February, after pleading guilty, in a U.S. court on Tuesday, to one count of conspiracy to commit computer fraud and abuse and eight counts of aggravated identity theft.

“He’s feeling like he’s doing the right thing … he’s happy that he’s doing the right thing, he’s happy that he’s opening up, and he’s not holding back,” said Amedeo DiCarlo, one of Baratov’s lawyers. “I think that’s what the justice system expects of him.”

Authorities say the hack affected at least a half billion user accounts, and was directed by two Russian intelligence agents. U.S. law enforcement officials call the 22-year-old Baratov a “hacker-for-hire” and say he was paid by members of Russia’s Federal Security Service to access more than 80 accounts.

DiCarlo wouldn’t say if Baratov turned over information on the two Russians linked to the case, but did say he has been “very forthcoming with his information” and “very transparent.”

“He told them everything they needed to know,” DiCarlo said.

Another one of his attorneys, Andrew Mancilla, echoed that sentiment outside of court after the guilty plea was made. “He’s been transparent and forthright with the government since he got here,” Mancilla said.

The Russian agents, Dmitry Dokuchaev and Igor Sushchin, used the information they stole from Yahoo to spy on Russian journalists, U.S. and Russian government officials and employees of financial services and other private businesses, according to prosecutors.

Dokuchaev, Sushchin and a third Russian national, Alexsey Belan, were also named in the indictment filed in February, though it’s not clear whether they will ever step foot in an American courtroom since there’s no extradition treaty with Russia.

Yahoo user accounts began being compromised at least as early as 2014. Prosecutors say Dokuchaev and Sushchin turned to Baratov after learning that one of their targets had accounts at webmail providers other than Yahoo.

After Baratov’s arrest, his parents said that their son was a “scapegoat.” DiCarlo said they are now finally seeing some sense of closure.

“It’s a big strain on everybody — it’s kind of like you’re biting your fingernails, waiting for the result. Now, here is a final result in their opinion … they see an end in the future.”

Baratov’s sentencing is set to happen in February, and the threshold for how much jail time he could face ranges from zero to 20 years, DiCarlo said — though he would not disclose what sentence the defence will submit as appropriate. It’s also not clear if Baratov would serve a sentence in Canada or the United States.

“We’ve got our ranges to work with, and that’s where the lawyering takes place,” DiCarlo said.

Internet service providers are perfectly positioned to make a significant contribution to cyber security for everyone, BT’s Gavin Patterson believes

Internet providers must do more to work collectively with businesses and governments to protect citizens from the growing threat of cyber crime, according to Gavin Patterson, chief executive of the BT Group.

“BT focuses on cyber security in a number of critical ways,” he told the FT Cyber Security Summit Europe in London. “As both a network operator and internet service provider [ISP], we are trusted to help repel cyber threats on behalf of the UK.”

With more than 2,500 dedicated security professionals operating from 15 security operations centres around the world, BT’s “global reach and depth of expertise” provides a “unique insight” into the cyber threat landscape, he said.

Based on these insights, Patterson said the cyber threat is changing and is no longer mainly about espionage and hacktivism.

Although a growing number of countries are beginning to include cyber techniques in their modern warfare arsenal and hacktivism remains a significant risk, the threat has moved on, said Patterson. “Cyber crime is now more pervasive and insidious, with a deeper impact on businesses and society.”

At the same time, said Patterson, more people than ever are connected to the internet, while the number of connected devices is projected to grow from nearly 27 billion in 2017 to 125 billion by 2030 as the internet of things (IoT) takes off, creating more points of vulnerability for criminals to exploit.

“As our head of security put it to me recently, ‘any criminal with a brain is now a cyber criminal’,” he said. “They are after the new commodity of our age, which is data.

“Stealing our data is to steal our most valuable asset, and we are seeing this happen at a faster pace and with greater sophistication than ever before.”

According to Patterson, BT’s security team detects 100,000 unique malware samples and protects the company’s network against more than 4,000 cyber attacks every day.

The attacks fall broadly into the categories of cyber theft for financial gain, phishing attacks, business email compromise (BEC), denial of service attacks and cyber extortion, he said.

Cyber-enabled fraud

Patterson said half of all reported fraud is cyber-enabled, according to the National Fraud Intelligence Bureau, and in the past 12 months, BT has identified and closed more than 5,000 phishing sites aimed at stealing personal details to commit crimes.

“CEOs, too, are at risk with the rise of whaling [or BEC], where phishing techniques are deliberately targeted at board level to impersonate and abuse their authority,” he said.

Distributed denial of service (DDoS) attacks are a popular form of cyber vandalism where the “brute force” of thousands of computers can be used to take down websites, said Patterson.

“The financial and reputational impact of such attacks on retailers, banks, airlines and utilities can be devastating,” he said, adding that DDoS attacks are a daily occurrence for BT’s customer-facing websites, with its security team mitigating an average of about 50 serious DDoS incidents every day.

BT has seen these attacks grow in frequency and size in recent years, with attacks currently up to 650 Gbps, an increase of more than 60 times in the past 10 years.

Cyber extortion exploits businesses’ reliance on technology and data to hold them to ransom, said Patterson. “With ransomware available for purchase on the dark web for as little as $50, criminals can enter this rapidly growing market with ease, which means more high-profile attacks are likely,” he said.

“Perhaps the most worrying aspect of the WannaCry attack is its relatively unsophisticated nature. It exploited a known vulnerability, and a patch was readily available, which is a stark reminder to all of us to get the basics right – update antivirus software, install patches, invest in cyber security training for staff, and remind them to be very wary of opening suspicious emails or links.”

WannaCry also exposed the human cost of large-scale cyber crime, said Patterson. “These are not merely technical issues – people’s lives are sometimes at risk,” he said.

“The attack on Britain’s healthcare system resulted in cancelled operations, missed appointments and delayed diagnoses. It is therefore a public policy imperative that this kind of disruption is prevented in the future.”

In terms of what can be done to improve the response to escalating cyber threats, Patterson said the problem cannot be solved just by investing in the latest technology.

“What is also needed is a truly comprehensive approach,” he said. “For businesses, cyber security must feature at the very top of the boardroom agenda. It is critical for companies to have a robust cyber security strategy and policies that are kept constantly under review and continually put to the test.”

Patterson also recommended that organisations continually educate their staff on cyber security to turn employees into the greatest asset in the fight to protect data, prepare for the unexpected by testing responses to cyber incidents, conduct penetration testing and run red teaming exercises.

Constantly evolving threat

But although all these initiatives are important, they are not enough on their own to stem the rising tide of cyber crime because criminals are constantly evolving the sophistication of their attacks, he said.

“We need all companies, and ISPs in particular, to work more closely with governments to help neutralise cyber crime,” said Patterson.

“This includes tackling how to improve sharing of information about emerging threats and how to prevent cyber criminals getting access to their victims.”

Sharing threat information enables the development of a collective capability to intercept attacks before they hit, said Patterson, adding that BT is making good progress in this regard.

“We proactively reach out to firms impacted by cyber events to offer our knowledge, expertise and support,” he said. “We also support the UK government’s Cybersecurity Information Sharing Partnership [Cisp – now under the auspices of the NCSC] and work with Interpol to exchange threat information.

“As for preventing access to victims, this is a matter of how active ISPs are in intercepting malicious software and web content. As custodians of people’s data, as an industry, we are responsible for being a part of the solution.

“We cannot expect to eradicate online crime entirely, but we can step up our collective efforts to curb cyber criminals’ success rates significantly. If ISPs work together, in conjunction with government, we can take further steps to target online criminal activity at source.

“This requires careful consideration, but through collaboration and consensus, I am confident we can win the battle against the cyber crime threat, and BT stands ready to rise to that challenge.”

NATO is working on a “special doctrine” for cyber operations and taking steps to help member states bolster their cyber defenses, an official said Monday.

Merle Maigre, who directs a NATO-affiliated cyber center headquartered in Tallinn, Estonia, outlined the alliance’s multi-pronged efforts on cybersecurity during an appearance at the Center for Strategic and International Studies in Washington, D.C.

“NATO is currently on its way to come to a better understanding and develop its thinking [of] how cyber defense is better reflected in both policy planning and military planning,” Maigre said. “NATO is developing a special doctrine for cyber operations. NATO’s center in Tallinn is the custodian for the doctrine.”

The alliance is also looking to provide better training for member states in cybersecurity, she said, which the Cooperative Cyber Defence Centre of Excellence in Tallinn is helping support.

Maigre added that the alliance is also focused on building “resilience” among member states so they can better protect their systems.

“Where NATO is currently going is helping the allies to build resilience, providing a framework for member states to have a better understanding of … their critical information protection, how these systems are being developed and who is responsible for that,” Maigre explained.

NATO has been increasingly focused on cybersecurity as threats have compounded in recent years. At the Warsaw summit last year, alliance members recognized cyberspace as a domain of operations. The alliance also recognizes cyber defense as a core part of its collective defense efforts.

NATO Secretary-General Jens Stoltenberg has also said that a cyberattack could trigger the Article 5 principle of collective defense, which declares an attack on one ally is an attack on all.

Maigre was asked Monday what cyber incidents, in particular, could trigger Article 5. Maigre did not offer up a specific example, instead stressing, “there’s nothing automatic about Article 5.”

“Article 5 requires the North Atlantic Council, be it at the level of ambassadors, ministers or heads of state and government, to gather and make a decision, and that applies also to any country bombing another country,” Maigre said.

“It needs to be a consensus-based decision,” she later added. “No one can be against it.”

Tanel Sepp, a cyber official at Estonia’s defense ministry, explained that an invocation of Article 5 would depend on the type of cyberattack. The principle has been invoked only one time, following the Sept. 11 terrorist attacks against the United States.

“It is always and will always be a question of effects,” Sepp said. “What kind of attack are we talking about and what is impacted.”

The event in Washington reflected on a series of cyberattacks that hit Estonia in 2007 which authorities have pinned on Russia.

The head of the UK’s National Cyber Security Centre (NCSC) has urged organisations to ensure they understand cyber risks, as a survey reveals mid-sized firms have inadequate cyber protection

The most important thing leaders of organisations can do is to stop being afraid of the problem and try to understand it, according to Ciaran Martin, chief executive of the NCSC.

“For too long, cyber security has been shrouded in mystique and fear – that’s not helpful,” he said in the annual KPMG lecture, hosted by Queen’s Management School and the Chief Executives’ Club at Queen’s University Belfast.

“Attacks are about return on investment, and cyber defence is about risk management and harm reduction,” said Martin.

“When you put it like that, it doesn’t seem so completely daunting. There’s plenty we can do to manage the risk. So simplify, simplify, simplify. Understand the risks and take action that you understand to manage them,” he said.

Digital attacks are a real risk to economic wellbeing in Northern Ireland and its citizens, warned Martin, because they can cause widespread disruption to individuals, companies and public services.

“There’s some great work going on around Northern Ireland, for example at Queen’s, and we need strong partners across the whole of Northern Ireland society to combat the threat. That’s the way to make Northern Ireland one of the safest places to live and do business online,” he said.

Facing the challenge

Given that cyber attack is about return on investment (ROI) for the attacker and risk management for the defender, Martin said the NCSC’s job as the national authority for cyber security is to do what it can to help take away as much of the harm from as many of the people as often as possible.

“Doing that isn’t as glamorous as Hollywood makes out. Instead, it’s about a relentless focus on getting these basic defences right,” he said, adding that defences have to be useable by people.

“By focusing not just on technology, but also on behaviours and economic incentives, the government can help create the right framework where that improvement in basic cyber security can take place.

“Success is possible. We are not claiming that we’ve cracked the problem. I’ve already said that we expect serious attacks with significant public impact, but that doesn’t mean we can’t make progress.

“In the 12 months to September of this year, we saw a 47% increase globally in detected phishing attacks. But the UK’s share of those attacks fell from 5.1% to 3.3%,” he said.

By breaking the problem down into manageable chunks, and looking objectively at what is and is not working, Martin said some improvements can be achieved.

“Please don’t let anyone tell you that the problem is unfixable, or that the right skills can’t be developed. Skills are indeed a very significant challenge, but there is no reason at all we should see it as an insurmountable one,” he said.

“My final message to you as chief executives is that the most important thing you can do is not to be afraid of the problem. Work out what you care about protecting the most, treat it as you would any major corporate, and engage with us and with other partners to work out what the best protections are for you. Cyber security is a team sport and we should be optimistic about our ability to make a real difference.”

John Hansen, partner in charge, KPMG in Northern Ireland, said KPMG’s recent CEO outlook report revealed that cyber security is a key issue for business leaders in Northern Ireland.

“CEOs are moving beyond a generic view of cyber risk and are taking steps to become more cyber resilient by developing risk, resilience and mitigation plans in the parts of their business that could be most seriously affected,” he said.

Nola Hewitt-Dundas, head of Queen’s Management School, said: “Cyber security threats are fast becoming a major global and national issue for all organisations and businesses.

“This annual lecture series is one way that the Management School is working in partnership with KPMG to equip businesses to respond to serious technological challenges,” she said.

Seek out dedicated teams to fight cyber crime

According to a recent survey by UK-based IT managed services provider (MSP) CORETX, mid-sized companies in the UK are not adequately protecting themselves from cyber security threats.

The survey revealed this is not due to lack of investment in technology, but through a lack of the dedicated, skilled resource needed to make the most of those tools.

The survey of 100 IT decision makers shows that 72% have implemented a security information and event management (Siem) system, which combines data sources and presents security-related information in an accessible form. Organisations also regularly refresh other security systems, such as firewalls, which 83% of respondents had replaced with more modern technology in the past three years.

However, only 4% had staff dedicated to monitoring, analysing and reporting security information created by a Siem or other sources, and only 6% had staff dedicated to acting on security reports.

With day-to-day security management falling to multi-tasking, generalist IT resources, the survey report said it is not surprising that just 19% of organisations monitor all IT logs that might contain security information. When potential threats are identified, only 13% of organisations are communicating the intelligence to someone able to deal with it.

“Many organisations must be spending a lot of money on the latest technology and then failing to recruit the people they need to use it,” said Merlin Gillespie, group strategy director at CORETX.

“Analysing live data feeds to identify cyber attacks is something general IT staff are unlikely to be appropriately skilled for. It’s also a relentless task. There’s a lot of data to analyse and cyber criminals don’t respect nine-to-five working patterns. Non-specialists may struggle to be consistently effective at the level required, which seems to be borne out in our survey results,” he said.

Three-quarters of survey respondents said their organisations had recently fallen victim to a cyber attack, with 40% occurring in the past year.

“It’s clear that many organisations’ security practices leave very large gaps in their protection,” said Gillespie.

“In our view, creating actionable intelligence on the threats organisations face can only be handled by a dedicated team. A business can either recruit and support that function in house or outsource it, engaging a service provider that specialises in security. Whatever option is taken, the result can only be significantly more credible protection,” he said.

The WannaCry ransomware attack was the biggest test of the year for the UK’s new cybersecurity body. The National Cyber Security Centre’s (NCSC) annual review marks a year since it started work, although it was officially opened in February. In those 12 months, the NCSC says 1,131 cyber incidents have…

The US Secret Service says current human factors are restricting the progression of cyber security.

Ronald Layton, the deputy assistant director of the US Secret Service, said “cultural change” is needed in organisations to cut the number of cyber attacks caused by human error. Speaking at NetEvents’ Global Press &…